ssl-policy name

Function

The ssl-policy name command configures an SSL policy for the BGP Monitoring Protocol (BMP).

The undo ssl-policy name command deletes the SSL policy configured for BMP.

By default, no SSL policy is configured for BMP.

Format

ssl-policy name policy-name

undo ssl-policy name policy-name

Parameters

Parameter	Description	Value
policy-name	Specifies the name of an SSL policy.	The value is a string of 1 to 23 case-insensitive characters. It cannot contain spaces.

Parameter

Description

Value

policy-name

Specifies the name of an SSL policy.

The value is a string of 1 to 23 case-insensitive characters. It cannot contain spaces.

Views

BMP session view

Default Level

2: Configuration level

Task Name and Operations

Task Name	Operations
bmp	write

Usage Guidelines

Usage Scenario

The Secure Sockets Layer (SSL) protocol protects data privacy on the Internet by preventing attackers from eavesdropping on data exchanged between a client and a server. Specifically, to ensure data transmission security on a network, an SSL policy needs to be configured for BMP using the ssl-policy name command to associate BMP with the SSL policy, and the SSL data encryption, identity authentication, and message integrity verification mechanisms need to be used.

Prerequisites

An SSL policy has been created using the ssl policy command in the system view.

Precautions

Only clients are available for BMP. Therefore, you can directly run the ssl-policy name command without the need to specify an SSL role.

A BMP SSL policy can be configured only for BMP sessions with IPv4 addresses and does not take effect for sessions with IPv6 addresses.

Example

# Configure the SSL policy named ftps_der for BMP.

<HUAWEI> system-view
[~HUAWEI] ssl policy ftps_der
[*HUAWEI-ssl-policy-ftps_der] quit
[*HUAWEI] bmp
[*HUAWEI-bmp] bmp-session 1.1.1.1
[*HUAWEI-bmp-session-1.1.1.1] ssl-policy name ftps_der